Gigamon Security Posture Insight Agent

Agent tasks: TLS version risk assessment, weak cipher suite detection, deprecated hash and signature algorithm identification, certificate hygiene analysis, compression risk evaluation (BREACH/CRIME), cryptographic posture quantification, legacy protocol exposure mapping, network telemetry correlation, anomaly detection, security posture summarization, preventive and investigative monitoring support

Agent workflow

Input: Access to Microsoft Sentinel Data Lake table (), TLS/SSL telemetry fields (, , , , , , ), Sentinel Data Exploration MCP correlation capability

Output: Legacy TLS version summary (SSLv2, SSLv3, TLS 1.0, TLS 1.1 session percentages and impacted IPs), weak cipher exposure summary (RC4, 3DES, NULL/EXPORT, non-forward-secrecy ciphers by volume and application), deprecated algorithm summary (MD5, SHA1, RSA < 2048 frequency and affected servers), certificate hygiene findings (expired, short-validity, self-signed, and reused certificates), compression risk summary (gzip/deflate and SSL compression-exposed sessions), quantified cryptographic posture risk score, actionable hardening recommendations (preventive, investigative, and monitoring), investigation-ready findings without raw event logs

Estimated costs: Each time the agent is run it using on average ~0.2 SCUs